Back to directory
WRITEUP #2402

From Shodan to RCE: That one time I hacked a Fortune 500 company.

RCEMissing authenticationArbitrary file readExposed Jenkins instance
by@vimanari_(vimanari_)
Program
-
Published
Aug 8, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://systemweakness.com/rooting-jenkins-remote-code-execution-on-a-live-bug-bounty-target-fc2c12d89a2e
RELATED WRITEUPS
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
RCEArbitrary file read
From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms
AI / LLMAI
From Limited file read to full access on Jenkins (CVE-2024-23897)
RCEArbitrary file read
Studying 0days: How we hacked Anki, the world's most popular flashcard app
RCEComponents with known vulnerabilities
We hacked Anki - 0 day exploit from studying someone elses flashcards
RCEComponents with known vulnerabilities

Built with ❤️ by Shubham Rawat